content-seo-optimizer
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). This skill directly fetches and scrapes arbitrary public URLs (see scrape_page in scripts/seo_audit.py, which uses requests/BeautifulSoup and optionally Firecrawl) and also performs SERP/competitor fetching via Perplexity/WebSearch as described in SKILL.md. It then ingests and analyzes that third-party content as part of its audit workflow, exposing the agent to untrusted user-generated web content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's scrape_page function fetches arbitrary user-supplied webpages at runtime (e.g., https://yoursite.com/article or the example https://drshailesh.com/statin-myths), and the fetched content is embedded directly into the generated prompt sent to Claude, so external page content can directly control agent instructions.
Audit Metadata